diff --git a/frontend/azlinux/handle_container.go b/frontend/azlinux/handle_container.go index aeedc96f1..c66718180 100644 --- a/frontend/azlinux/handle_container.go +++ b/frontend/azlinux/handle_container.go @@ -67,7 +67,7 @@ func specToContainerLLB(w worker, spec *dalec.Spec, targetKey string, rpmDir llb installOpts := []installOpt{atRoot(workPath)} installOpts = append(installOpts, importRepos...) - installOpts = append(installOpts, []installOpt{noGPGCheck, withManifests, installWithConstraints(opts)}...) + installOpts = append(installOpts, []installOpt{noGPGCheck, installWithConstraints(opts)}...) rootfs = builderImg.Run( w.Install(pkgs, installOpts...), diff --git a/frontend/azlinux/install.go b/frontend/azlinux/install.go index f840980fc..f1aa562fc 100644 --- a/frontend/azlinux/install.go +++ b/frontend/azlinux/install.go @@ -10,8 +10,6 @@ import ( ) type installConfig struct { - // Tells the installer to create the distroless rpm manifest. - manifest bool // Disables GPG checking when installing RPMs. // this is needed when installing unsigned RPMs. noGPGCheck bool @@ -49,10 +47,6 @@ func withMounts(opts ...llb.RunOption) installOpt { } } -func withManifests(cfg *installConfig) { - cfg.manifest = true -} - func atRoot(root string) installOpt { return func(cfg *installConfig) { cfg.root = root @@ -86,40 +80,6 @@ func setInstallOptions(cfg *installConfig, opts []installOpt) { } } -func manifestScript(workPath string, opts ...llb.ConstraintsOpt) llb.State { - mfstDir := filepath.Join(workPath, "var/lib/rpmmanifest") - mfst1 := filepath.Join(mfstDir, "container-manifest-1") - mfst2 := filepath.Join(mfstDir, "container-manifest-2") - rpmdbDir := filepath.Join(workPath, "var/lib/rpm") - - chrootedPaths := []string{ - filepath.Join(workPath, "/usr/local/bin"), - filepath.Join(workPath, "/usr/local/sbin"), - filepath.Join(workPath, "/usr/bin"), - filepath.Join(workPath, "/usr/sbin"), - filepath.Join(workPath, "/bin"), - filepath.Join(workPath, "/sbin"), - } - chrootedPathEnv := strings.Join(chrootedPaths, ":") - - return llb.Scratch().File(llb.Mkfile("manifest.sh", 0o700, []byte(` -#!/usr/bin/env sh - -# If the rpm command is in the rootfs then we don't need to do anything -# If not then this is a distroless image and we need to generate manifests of the installed rpms and cleanup the rpmdb. - -PATH="`+chrootedPathEnv+`" command -v rpm && exit 0 - -set -e - -mkdir -p `+mfstDir+` - -rpm --dbpath=`+rpmdbDir+` -qa > `+mfst1+` -rpm --dbpath=`+rpmdbDir+` -qa --qf "%{NAME}\t%{VERSION}-%{RELEASE}\t%{INSTALLTIME}\t%{BUILDTIME}\t%{VENDOR}\t(none)\t%{SIZE}\t%{ARCH}\t%{EPOCHNUM}\t%{SOURCERPM}\n" > `+mfst2+` -rm -rf `+rpmdbDir+` -`)), opts...) -} - func importGPGScript(keyPaths []string) string { // all keys that are included should be mounted under this path keyRoot := "/etc/pki/rpm-gpg" @@ -133,8 +93,6 @@ func importGPGScript(keyPaths []string) string { return importScript } -const manifestSh = "manifest.sh" - func tdnfInstall(cfg *installConfig, relVer string, pkgs []string) llb.RunOption { cmdFlags := tdnfInstallFlags(cfg) // tdnf makecache is needed to ensure that the package metadata is up to date if extra repo @@ -157,15 +115,6 @@ func tdnfInstall(cfg *installConfig, relVer string, pkgs []string) llb.RunOption llb.SourcePath("/import-keys.sh"))) } - if cfg.manifest { - mfstScript := manifestScript(cfg.root, cfg.constraints...) - - manifestPath := filepath.Join("/tmp", manifestSh) - runOpts = append(runOpts, llb.AddMount(manifestPath, mfstScript, llb.SourcePath(manifestSh))) - - cmdArgs += "; " + manifestPath - } - runOpts = append(runOpts, dalec.ShArgs(cmdArgs)) runOpts = append(runOpts, cfg.mounts...) diff --git a/test/fixtures/moby-runc.yml b/test/fixtures/moby-runc.yml index d8b849e18..daa45b4b9 100644 --- a/test/fixtures/moby-runc.yml +++ b/test/fixtures/moby-runc.yml @@ -42,15 +42,12 @@ x-azl: &azl - name: mariner rpm manifest files files: /var/lib/rpmmanifest/container-manifest-1: - contains: - - "moby-runc-${VERSION}-" - - "libseccomp-" + not_exist: true /var/lib/rpmmanifest/container-manifest-2: - contains: - - "moby-runc-${VERSION}-" - - "libseccomp-" - /var/lib/rpm: not_exist: true + /var/lib/rpm: + is_dir: true + /var/lib/rpm/rpmdb.sqlite: targets: # Distro specific build requirements azlinux3: